Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DdgsgXTierhjrIBU9XpqyX0czK8.roa
File: DdgsgXTierhjrIBU9XpqyX0czK8.roa (raw, json)
Hash identifier: 2EjsTWkaLEdk84gpv6Nv4Ln2rXdIjw2bq6LbcQerNsI=
Subject key identifier: 0D:D8:2C:81:74:E2:7A:B8:63:AC:80:54:F5:7A:6A:C9:7D:1C:CC:AF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189968728ECC6EF6E4092D3D4208950E508
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DdgsgXTierhjrIBU9XpqyX0czK8.roa
Signing time: Thu 27 Jul 2023 08:46:27 +0000
ROA not before: Thu 27 Jul 2023 08:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 195.133.18.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:87:28:ec:c6:ef:6e:40:92:d3:d4:20:89:50:e5:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 27 08:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dd82c8174e27ab863ac8054f57a6ac97d1cccaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:53:81:1f:2d:f4:20:34:dd:fc:9e:d6:0e:42:
d1:5d:bc:f3:b0:49:1a:49:c5:9a:5f:8b:ea:7f:eb:
09:85:61:9c:26:cc:c8:50:f2:8d:c5:98:7a:2d:3a:
6a:ab:c1:e3:9e:55:2d:68:bc:c1:71:3c:77:fd:6d:
ae:53:a2:d5:e0:0a:d6:87:3f:6d:78:27:fe:d2:f1:
b3:4c:34:6f:8c:af:b9:7c:77:8b:cd:cb:e8:fd:c0:
d2:89:d3:fe:4d:37:85:63:05:15:d1:90:a8:37:1a:
82:4a:07:8b:93:47:38:87:7d:4f:4c:bc:e3:eb:db:
03:be:b7:09:76:5f:f3:3f:9b:1e:9e:9a:db:6c:10:
ef:af:f2:0b:cc:a6:e1:7f:5e:88:ba:28:5f:b5:18:
02:51:2e:d2:a2:9c:d2:c4:d4:21:51:cb:bd:98:b3:
9e:ba:8a:ab:75:c4:c0:f8:18:f4:74:12:2d:66:25:
4f:de:d9:ae:ac:64:0f:9d:40:8a:e4:44:b9:f0:76:
7b:80:76:3d:0d:45:c2:4e:0e:45:4c:4b:1f:18:49:
23:5f:02:b7:93:9e:76:13:c2:0c:5b:85:8f:62:e5:
8e:a4:d3:64:ca:4a:ae:99:01:c4:c9:23:49:49:cb:
87:0a:fe:e5:f9:22:82:fd:3f:94:9c:9e:c7:fe:39:
b6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D8:2C:81:74:E2:7A:B8:63:AC:80:54:F5:7A:6A:C9:7D:1C:CC:AF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DdgsgXTierhjrIBU9XpqyX0czK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.46.0/24
194.85.249.0-194.85.250.255
195.133.18.0/24
195.133.39.0/24
212.192.245.0-212.192.246.255
Signature Algorithm: sha256WithRSAEncryption
4f:0d:40:ec:a1:4f:45:74:7a:34:4f:a5:93:b8:05:7b:4c:c3:
23:48:27:db:13:a8:f8:27:ce:6a:33:05:f1:63:5b:d6:08:71:
53:4c:28:b2:83:92:0f:dd:68:88:2e:03:b2:42:44:f2:a5:39:
1e:a8:ab:3d:d4:da:79:06:f2:b2:c7:8c:b2:0e:a0:e8:d2:c3:
9a:a1:97:ca:e5:00:b8:bd:b4:bc:d0:ab:5a:eb:84:80:c7:7b:
0b:83:fd:54:81:0c:6e:bf:71:23:af:ea:d5:77:f1:84:dd:0d:
ee:98:ff:37:45:20:42:ce:50:85:45:5e:cd:e8:43:6d:77:a0:
b2:e1:45:58:4e:ce:79:cf:be:92:13:c2:d3:71:9f:f5:86:05:
ae:3e:48:45:23:f6:8a:16:bf:fd:b4:21:54:1a:d5:b2:ed:22:
3e:a4:a4:8e:14:da:cd:c9:67:a1:0e:6f:33:8b:ef:d5:fa:19:
d5:e8:8f:e7:fe:c0:f6:a5:65:7d:52:d0:64:77:27:e7:a3:d3:
84:9c:f5:a2:d4:27:91:05:30:2a:9c:89:63:17:c9:5a:2b:aa:
bc:aa:c2:3d:35:59:24:ac:b0:29:d1:27:a6:7d:5c:11:02:83:
9a:b3:ad:fd:50:3d:25:16:c7:ed:cf:15:44:5d:5b:a2:bd:e2:
74:7e:3e:d0
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYmWhyjsxu9uQJLT1CCJUOUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI3MDg0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ4MmM4MTc0ZTI3YWI4NjNhYzgwNTRmNTdhNmFjOTdkMWNjY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFOBHy30IDTd/J7WDkLRXbzzsEka
ScWaX4vqf+sJhWGcJszIUPKNxZh6LTpqq8HjnlUtaLzBcTx3/W2uU6LV4ArWhz9t
eCf+0vGzTDRvjK+5fHeLzcvo/cDSidP+TTeFYwUV0ZCoNxqCSgeLk0c4h31PTLzj
69sDvrcJdl/zP5senprbbBDvr/ILzKbhf16IuihftRgCUS7SopzSxNQhUcu9mLOe
uoqrdcTA+Bj0dBItZiVP3tmurGQPnUCK5ES58HZ7gHY9DUXCTg5FTEsfGEkjXwK3
k552E8IMW4WPYuWOpNNkykqumQHEySNJScuHCv7l+SKC/T+UnJ7H/jm2jQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFA3YLIF04nq4Y6yAVPV6asl9HMyvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRGRnc2dYVGllcmhqcklCVTlYcHF5WDBjeks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAwjouMAwD
BADCVfkDBADCVfoDBADDhRIDBADDhScwDAMEANTA9QMEANTA9jANBgkqhkiG9w0B
AQsFAAOCAQEATw1A7KFPRXR6NE+lk7gFe0zDI0gn2xOo+CfOajMF8WNb1ghxU0wo
soOSD91oiC4DskJE8qU5HqirPdTaeQbysseMsg6g6NLDmqGXyuUAuL20vNCrWuuE
gMd7C4P9VIEMbr9xI6/q1XfxhN0N7pj/N0UgQs5QhUVezehDbXegsuFFWE7Oec++
khPC03Gf9YYFrj5IRSP2iha//bQhVBrVsu0iPqSkjhTazclnoQ5vM4vv1foZ1eiP
5/7A9qVlfVLQZHcn56PThJz1otQnkQUwKpyJYxfJWiuqvKrCPTVZJKywKdEnpn1c
EQKDmrOt/VA9JRbH7c8VRF1bor3idH4+0A==
-----END CERTIFICATE-----
Generated at Thu Jul 27 16:35:08 2023 by rpki-client on console-ams.rpki-client.org